VYPR

CWE-1100

Insufficient Isolation of System-Dependent Functions

BaseIncomplete

Description

The product or code does not isolate system-dependent functionality into separate standalone modules.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2)

  • CVE-2021-32575MedJun 17, 2021
    risk 0.42cvss 6.5epss 0.01

    HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.

  • CVE-2024-7045MedMar 20, 2025
    risk 0.28cvss 4.3epss 0.00

    In version v0.3.8 of open-webui/open-webui, improper access control vulnerabilities allow an attacker to view any prompts. The application does not verify whether the attacker is an administrator, allowing the attacker to directly call the /api/v1/prompts/ interface to retrieve…